Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

7/7/2014
06:22 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Q&A: Panda Security Staging A Comeback

New Panda CEO and former IBM security executive Diego Navarrete shares his strategy and insight into turning around the security company that has fallen off the radar screen over the last couple of years.

Diego Navarrete, the former director of IBM's Security Systems Division in Europe, was named CEO of the struggling Panda Security in January. The Spanish antivirus firm in 2011 had cut its workforce by about 35% in the wake of a flattening antivirus market hit hard by free consumer antivirus offerings followed by the brutal financial crisis and recession in Spain. In an interview with Dark Reading Executive Editor Kelly Jackson Higgins, Navarette shared his aggressive plans for turning around Panda and its new laser focus on the US market, from where he says Panda will earn 10% of its revenue this year.

There are some promising signs of new life for Panda emerging: Navarrete estimates an increase of 7% in revenue for Panda in 2014, to $100 million for the privately held firm. Panda has 700 employees in 85 countries today, and 80% of its revenue comes from outside its native Spain, he says.

Dark Reading: What went wrong for Panda Security business-wise aside from the economic crisis in Spain?

Diego Navarrete: The new market of free antivirus [arrived], and Panda was fighting the big guys. Symantec and McAfee took most of the OEM agreements with PCs.

In 2007, Panda became a cloud security company, but in my opinion, the market was not as ready as it is today. In fact, the company then suffered … many of its own client-based customers wanted to remain on the customer [premise], so they were not opting for the cloud as much as [companies] are today.

The good news in 2014 is that everyone is talking about big data and cloud. And that's been in the company's strategy for seven years. We saw a turning point in the result in 2012, with the company back to double-digit growth, and last year, the same.

The market is endorsing our move to the cloud. Now it is a competitive advantage... My goal is to get Panda again in the [leading] industry position in innovation and business strength.

Dark Reading: What actions are you taking in turning around Panda?

Navarrete: I recently met with most of our key competitors in the US, and [some] will be our key partners in our new [cloud] service -- companies on the network security side, and the appliance network security space. The advantage we presented to them is that by running now for many years [in the cloud], we can automatically detect and classify malware.

We are also talking to a direct competitor that is highly interested in understanding how to work in the cloud.

Dark Reading: Panda has been noticeably quiet in the security research space, after a few years of being well-known for botnet and other research. Will we see a return to research?

Navarrete: Absolutely. The main strategies and technical [expertise] the company had back then remains in Panda. In the years when the market changed, the [European economic] crisis had an impact. Spain's [economic crisis] had a big impact on the company's results, and there had to be some layoffs early on in the lab.

[Some] people who remained with [Panda] after the bad years had in common they were either in the lab or [didn't leave]. Yes, we are going back to enhancing our presence in [security research] and being a thought leader again.

Dark Reading: You want to expand Panda's US market. How do you envision doing so?

Navarrete: Fifty percent of our US revenue is corporate enterprise, and 50% is consumer. Our sweet spot today remains that most of our client base [there] is SMB. We focus on the endpoint and develop protection, and our go-to-market strategy remains SMB [on the enterprise side].

We have a strong commitment to the channel, and get 80% of our revenue from partners.

Dark Reading: So is AV dead?

Navarrete: We are focused on the endpoint... [Traditional] AV is dead. But the evolution of AV is real-time service and tends to be data continuous monitoring for the cloud. You can in real-time close the opportunity for malware to run. I'm not going to say 100% of the time, but 99.99% is our claim.

In order to make our company grow and to develop the plan I have … we are leaders in malware protection and in cloud-based security technologies. We are coming off a really hard economic crisis in Europe. If we want the world to be with us, we need every employee behind this plan. This is the foundation for the company, and it starts from the inside. I'm being brutally honest.

In the end, it's always the same: Protect the endpoints. That is the center of our strategy that has not changed.

Dark Reading: Looking into your crystal ball, how do you see the security industry of the future?

Navarrete: I think it will be a mixed set of capabilities and solutions that go against APTs and targeted attacks against specific clients and organizations' assets. Real-time monitoring and big data analytics, but you cannot real-time monitor everything and you can't big-data everything.

You need to be an advisor and provide key indicators for alarms.

The industry today remains highly fragmented. The complexity of IT security to some extent is [people] not understanding the importance, or having a lack of knowledge. At one time, the industry was saying antivirus is all you need, a firewall is all you need, and the IPS and network guys were saying securing the perimeter is all you need. In the end, you need an end-to-end plan -- identity and access, who is access that information, what they are accessing in applications and data, and it depends on the importance you provide that data.

I see this fragmented industry consolidating. I see many players and companies that took advantage of the lack of knowledge situation ... not having stakes in the future.

 

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...
View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
7/8/2014 | 12:17:38 PM
Panda's research
I will be interested in seeing new research from Panda in the near future. The team there historically had been at the forefront of some of the most interesting cybercrime findings, including the infamous Mariposa botnet.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15820
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVE-2020-15821
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVE-2020-15823
PUBLISHED: 2020-08-08
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15824
PUBLISHED: 2020-08-08
In JetBrains Kotlin before 1.4.0, there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
CVE-2020-15825
PUBLISHED: 2020-08-08
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.